From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 10 Dec 2011 00:37:42 +0000 (+0000)
Subject: implement -attime option as a verify parameter then it works with all relevant applic... 
X-Git-Tag: OpenSSL_1_0_1-beta1~40
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f2e590942ea405638e7424a91fecd1e14efae3c4;p=oweals%2Fopenssl.git

implement -attime option as a verify parameter then it works with all relevant applications
---

diff --git a/apps/apps.c b/apps/apps.c
index b346558d2c..22ef53a9e8 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -2256,6 +2256,7 @@ int args_verify(char ***pargs, int *pargc,
 	int purpose = 0, depth = -1;
 	char **oldargs = *pargs;
 	char *arg = **pargs, *argn = (*pargs)[1];
+	time_t at_time = 0;
 	if (!strcmp(arg, "-policy"))
 		{
 		if (!argn)
@@ -2308,6 +2309,27 @@ int args_verify(char ***pargs, int *pargc,
 			}
 		(*pargs)++;
 		}
+	else if (strcmp(arg,"-attime") == 0)
+		{
+		if (!argn)
+			*badarg = 1;
+		else
+			{
+			long timestamp;
+			/* interpret the -attime argument as seconds since
+			 * Epoch */
+			if (sscanf(argn, "%li", &timestamp) != 1)
+				{
+				BIO_printf(bio_err,
+						"Error parsing timestamp %s\n",
+					   	argn);
+				*badarg = 1;
+				}
+			/* on some platforms time_t may be a float */
+			at_time = (time_t) timestamp;
+			}
+		(*pargs)++;
+		}
 	else if (!strcmp(arg, "-ignore_critical"))
 		flags |= X509_V_FLAG_IGNORE_CRITICAL;
 	else if (!strcmp(arg, "-issuer_checks"))
@@ -2362,6 +2384,9 @@ int args_verify(char ***pargs, int *pargc,
 	if (depth >= 0)
 		X509_VERIFY_PARAM_set_depth(*pm, depth);
 
+	if (at_time) 
+		X509_VERIFY_PARAM_set_time(*pm, at_time);
+
 	end:
 
 	(*pargs)++;